Set Items Description 

51 77 AU=(BEHERA P? OR BEHERA, P?) 

52 7 99 LDAP OR LIGHT? () DIRECTOR? () ACCESS? OR DIRECTOR? () ACCESS? 

53 4566022 ATTRIBUTE? OR PROPERT? 

54 2359 READ(3N) (RIGHT? OR ACCESS? OR PRIVILEGE? OR PERMI?) 

55 11883 (WRITE? OR CHANGE? OR MODIF? OR ADD OR DELETE? OR EDIT) (2N- 

) (ACCESS? OR PERMI? OR RIGHT? OR PRIVILEGE?) 

56 5633 ACL OR ACCESS () CONTROL? ( ) (LIST? ? OR TABLE? OR PLAN? ? OR - 

FILE? OR LOG? ?) 

57 89958 LOCAL? AND (ONLINE OR ON () LINE? OR OFFSITE OR OFF () SITE? OR 

REMOTE? OR DISTANCE?) 
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CHANGE? 



OR MODIF? OR EDIT? OR 
ADD OR DELETE) 
S20- 0 SI (S) (S2 OR DIRECTOR?) 

521 48 S8 OR S12 OR S14 OR S16 OR S17 OR S18 OR S19 

522 43 RD (unique items) 

523 37 S22 NOT PY>1999 

524 36 S23 NOT PD>991122 
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DIALOG (R) File 8 : Ei Compendex (R) 
(c) 2002 Engineering Info. Inc. All rts. reserv. 

04832161 E.I. No: EIP97093843124 

Title: Authorization with security attributes and privilege delegation 
access control beyond the ACL 

Author: Sameshima, Yoshiki; Kirstein, Peter 

Corporate Source: Univ Coll London, London, Engl 

Source: Computer Communications v 20 n 5 July 1997. p 376-384 

Publication Year: 1997 

CODEN: C0C0D7 ISSN: 0140-3664 

Language: English 

Document Type: JA; (Journal Article) Treatment: A; (Applications) 
Journal Announcement: 9711W3 

Abstract: This paper focuses on authorization in distributed 
environments; the typical authorization scheme employs access control 
lists , however, the scheme has problems when it is applied to a 
large-scale network. We introduce a new authorization scheme, compare it 
with the old scheme, and present an implementation of an information server 
which adopts the new scheme. As a part of authorization, delegation of 
privileges is important, however, current delegation mechanisms have 
problems when the delegation crosses a boundary of security domains. We 
propose a solution which refers to security information of other security 
domains through a directory service, (Author abstract) 25 Refs. 

Descriptors: ^Distributed computer systems; Computer networks; Local area 
networks; Security of data; Computer software 

Identifiers: Authorization; Privilege attribute certificate; Kerberos 
network authentication service; Distributed authentication security service 
; Boolean expression evaluation; Access control decision function; Internet 

Classification Codes: 

722.4 (Digital Computers & Systems); 723.2 (Data Processing) 
722 (Computer Hardware); 723 (Computer Software) 
72 (COMPUTERS & DATA PROCESSING) 
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DIALOG (R) File 8 : Ei Compendex (R) 

(c) 2002 Engineering Info. Inc. All rts. reserv. 

03701430 E.I. No: EIP930810404 17 

Title: Adaptive cache coherency for detecting migratory shared data 

Author: Cox, Alan L.; Fowler, Robert J. 
Corporate Source: Rice Univ 

Conference Title: Proceedings of the 20th Annual International Symposium 
on Computer Architecture 

Conference Location: San Diego, CA, USA Conference Date: 
19930516-19930519 

Sponsor: IEEE; SIGARCH 

E.I. Conference No.: 18728 

Source: Conference Proceedings - Annual Symposium on Computer 
Architecture 1993. Publ by IEEE, Computer Society Press, Los Alamitos, CA, 
USA. p 98-108 

Publication Year: 1993 

CODEN: CPAADU ISSN: 0884-7495 ISBN: 0-8186-3810-9 
Language: English 

Document Type: CA; (Conference Article) Treatment: A; (Applications) 
Journal Announcement: 9310W5 

Abstract: Parallel programs exhibit a small number of distinct 
datasharing patterns. A common data-sharing pattern, migratory access, is 
characterized by exclusive read and write access by one processor at 
a time to a shared datum. We describe a family of adaptive cache coherency 
protocols that dynamically identify migratory shared data in order to 
reduce the cost of moving them. The protocols use a standard memory model 
and processor-cache interface. They do not require any compile-time or 
run-time software support. We describe implementations for bus-based 
multiprocessors and for shared-memory multiprocessors that use directory 
-based caches. These implementations are simple and would not significantly 



increase hardware cost. We^Bce trace and execution-driven s^Wlation to 

compare the performance of the adaptive protocols to standard 
write-invalidate protocols. These simulations indicate that, compared to 
conventional protocols, the use of the adaptive protocol can almost halve 
the number of inter-node messages on some applications. Since cache 
coherency traffic represents a larger part of the total communication as 
cache size increases, the relative benefit of using the adaptive protocol 
also increases. (Author abstract) 23 Refs. 

Descriptors: ^Associative storage; Computer architecture 

Identifiers: Cache coherency; Data sharing models 

Classification Codes: 

722.1 (Data Storage, Equipment & Techniques); 722.4 (Digital Computers 
& Systems) 

722 (Computer Hardware) 

72 (COMPUTERS & DATA PROCESSING) 
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01164757 E.I. Monthly No: EI8212105469 E.I. Yearly No: EI82017647 

Title: OBJECT-BASED VIRTUAL OPERATING SYSTEM FOR THE ADA PROGRAMMING 
SUPPORT ENVIRONMENT. 

Author: Taft, S. Tucker 

Corporate Source: Intermetrics Inc, Cambridge, Mass, USA 

Source: Operating Systems Review (ACM) v 16 n 1 Jan 1982 p 14-25 

Publication Year: 1982 

CODEN: 0SRED8 ISSN: 0163-5980 

Language: ENGLISH 

Journal Announcement: 8212 

Abstract: An object-based architecture for the virtual operating system 
and database of the Ada Programming Support Environment is proposed that 
diverges from the strict capability-based access-control and directory 
system. It provides for composite objects as the primary hierarchical 
structuring, and by separating access-control into a capacity associated 
with the reference, and an access - control table associated with the 
target object. This new design combines the security and flexibility of the 
capability-based architecture, while retaining the user-friendliness and 
familiarity of the more conventional hierarchical file system. 6 refs. 

Descriptors: ^COMPUTER ARCHITECTURE--*Design/ COMPUTER SYSTEMS 
PROGRAMMING; DATABASE SYSTEMS; DATA PROCESSING— File Organization 

Identifiers: OBJECT-BASED VIRTUAL OPERATING SYSTEMS; ADA PROGRAMMING 
SUPPORT ENVIRONMENT; HIERARCHICAL FILE SYSTEM 

Classification Codes: 

722 (Computer Hardware) ; 723 (Computer Software) 
72 (COMPUTERS & DATA PROCESSING) 
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(c) 2002 ProQuest Inf o&Learning . All rts. reserv. 

01492411 ORDER NO: AADAA-I962297 6 

DISTRIBUTED COMPUTING ENVIRONMENT FOR STANDARDS BASED MULTIMEDIA HEALTHCARE 
SYSTEMS (HYPERTEXT, PACS) 

Author: AL-SAFADI, YASSER HAYCAM 
Degree: PH.D. 
Year: 1995 

Corporate Source/Institution: THE UNIVERSITY OF ARIZONA (0009) 
Director: RALPH MARTINEZ 

Source: VOLUME 57/03-B OF DISSERTATION ABSTRACTS INTERNATIONAL. 

PAGE 1996. 122 PAGES 
Descriptors: ENGINEERING, ELECTRONICS AND ELECTRICAL ; INFORMATION 

SCIENCE ; ENGINEERING, BIOMEDICAL ; HEALTH SCIENCES, HEALTH 

CARE MANAGEMENT 
Descriptor Codes: 0544; 0723; 0541; 0769 



The Open Software FouWKtion (OSF) Distributed Computi^^Environment 

(DCE) is an integrated set of services that facilitates the construction, 
use and maintenance of distributed applications in a heterogeneous 
computing environment. The OSF DCE services include remote procedure calls, 
naming service, threads service, time service, and security service. 
Several OSF DCE toolkits are currently available from computer and software 
vendors . 

The Global Picture Archiving and Communication System (Global PACS) 
operates in a medical environment for managing digital images over a large 
geographical area. This dissertation presents an approach to developing a 
platform to support multimedia Global PACS applications using the OSF DCE 
services and toolkits. Dynamic sequences such as Ultrasound are retrieved 
from a scalable video service over a TCP/IP connection. The Comprehensive 
Chart and the Remote Consultation and Diagnosis system are multimedia 
Global PACS applications that demonstrate the utility of this approach. 

The Comprehensive Chart is a multimedia medical record browser that 
provides a comprehensive view of patient data. The user of the 
Comprehensive Chart is authenticated using DCE Security and can access the 
objects only allowed by the Access Control List . System resources 
locations are transparent to the user and are located using the DCE 
Directory Service. Patient data privacy is maintained during communication 
through the use of secure remote procedure calls. 

The Remote Consultation and Diagnosis system was developed under a 
National Science Foundation project headed by Dr. Ralph Martinez, 
University of Arizona. It allows medical experts at different geographical 
locations to view the same image and exchange synchronized voice and image 
annotation commands. The current version uses the DCE Directory Service to 
dynamically locate session participants. These participants are 
authenticated and they can access objects only allowed by access control 

lists . The DCE Time Service will hide time zone differences among 
participants, and support the timestamp mechanism for the synchronization 
of voice and image annotation commands. 

The use of the OSF DCE approach features an open architecture, 
heterogeneity, security, scalability, and technology independence. This 
approach can be used to develop general purpose multimedia delivery 
applications. Finally, this design and implementation provides the 
foundation for extending medical services to rural areas. 
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DIALOG (R) File 35 : Dissertation Abs Online 

(c) 2002 ProQuest Inf o&Learning . All rts. reserv. 

832231 ORDER NO: AAD84-01037 

CHARACTERISTICS OF SELECTED WOMEN IN KEY ADMINISTRATIVE POSITIONS IN 
VOCATIONAL EDUCATION WHO OVERCAME FACTORS CONTRIBUTING TO THEIR 
UNDERRE PRESENTATION WITHIN THE COMMONWEALTH OF MASSACHUSETTS 

Author: SCRIZZI, MARILYN 
Degree: ED.D. 
Year: 1983 

Corporate Source/Institution: UNIVERSITY OF MASSACHUSETTS (0118) 
Source: VOLUME 4 4/10-A OF DISSERTATION ABSTRACTS INTERNATIONAL. 

PAGE 2 947. 106 PAGES 
Descriptors: EDUCATION, ADMINISTRATION 
Descriptor Codes: 0514 

The purpose of the study was to identify characteristics of selected 
women in the Commonwealth of Massachusetts who overcame factors identified 
in the literature as contributing to the underrepresentation of women in 
key administrative positions in vocational education. 

Respondents were women possessing ACl APPROVAL, (Approval as a 
Superintendent- Director of a vocational school) who were serving in key 
administrative positions within the vocational education delivery system. 

The sample was selected from the women approved in the ACl 
classification and was stratified into four different stratas : STRATAS I 
and III contained women occupying the top central office positions in 
vocational schools and large comprehensive high schools. STRATAS II and IV 
contained women occupying the position of coordinator in vocational 



technical schools and lar^ftomprehensive high schools. 

Data was collected by interview using a process which was created 
to elicit common characteristics of women in the study population. The 
interview process dealt with the following: (1) the personal, preparatory 
and professional school characteristics; (2) patterns of career 
development; (3) current job commonalities; (4) internal and external 
barriers encountered; (5) types of discrimination encountered. 

The respondents all reported that they overcame barriers 
previously identified in the literature as having contributed to the 
underrepresentation of women in key administrative positions in vocational 
education . 

External barriers encountered included: prejudice among members of 
local school committees, infractions of the Educational Amendments of 1972 
and occupational stereotyping. 

Types of discrimination encountered included: direct 
discrimination as evidenced by separate salary schedules for men and women 
and sexual harassment. 

This study concluded that the women administrator serving in key 
administrative positions within the vocational education delivery system in 
the Commonwealth of Massachusetts is articulate, analytical and aggressive. 
She has well developed organizational and administrative abilities, good 
interpersonal relationship skills and proficiency in her vocational area of 
expertise . 

There appeared to be a strong relationship between achievements 
and family background, level of formal education, commitment to career goal 
and achievement. 

The respondents reported that internal barriers did not 
significantly hinder their career mobility. 

Neither sex socialization or sex role stereotyping affected upward 
career mobility of the women studied. 
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DIALOG (R) File 202 : Information Science Abs . 
(c) Information Today, Inc. All rts. reserv. 

2902255 

Access control policies for an object oriented database, including access 
control lists which span across object boundaries. 

Author(s): Fabbio, RA 
Patent Number(s): US 5335346 
Publication Date: Aug 2, 1994 
Language: English 
Document Type : Patent 
Record Type: Abstract 
Journal Announcement: 2 900 

The system and method of this invention provides an access control 
list which spans across object boundaries in an object oriented database. 
In addition to providing read and write access permissions , the 
access control list provides execute semantics which apply to the 
execution of methods in an object oriented database. Within the entries of 
the access control lists , each of the permissions for read , 
write , and execute can be assigned separately to each of a number of ids 
representing user ids or group ids. Upon request for access to the data by 
the user, the user id of the user and the group ids for which the user is a 
member are searched for within the entries to determine whether the user 
has the privileges to perform the operation requested against the objects. 
In addition, the access control policies are inherited from an object's 
superobject; resulting in a least privilege for the object. 

Descriptors: Access control; Object-oriented systems; Policies 
Classification Codes and Description: 6.02 (Bibliographic Search Services, 

Databases); 5.00 (General Aspects) 
Main Heading: Information Systems and Applications; Information Processing 

and Control 
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6603910 INSPEC Abstract Number: C2000-07-6160Z-001 
Title: Flexible list mcinagement in a directory 

Author (s): Jagadish, H.V.; Jones, M.A.; Srivastava, D. ; Vista, D. 
Conference Title: Proceedings of the 1998 ACM CIKM International 
Conference on Information and Knowledge Management p. 10-19 

Editor (s): Gardarin, G.; French, J.; Pissinou, N.; Makki, K. ; Bouganim, 

L. 

Publisher: ACM, New York, NY, USA 

Publication Date: 1998 Country of Publication: USA xiii+450 pp. 
ISBN: 1 58113 061 9 Material Identity Number: XX-1998-02879 

U.S. Copyright Clearance Center Code: 1 58113 061 9/98/11 $5 . 00 
Conf e rence Title: Proceedings of CIKM * 98 — 7th International Conference 
on Information and Knowledge Management 
Conference Sponsor: ACM 

Conference Date: 3-7 Nov. 1998 Conference Location: Bethesda, MD, USA 
Language: English Document Type: Conference Paper (PA) 
Treatment: Practical (P) 

Abstract: Lists of entities must often be specified in many real-world 
applications such as customer lists, electronic distribution lists and 

access control lists . These lists are typically specified through 

explicit enumeration, frequently aided by recursive expansion. We discuss 
the declarative specification and extraction of members of such lists as 
queries over a directory that maintains information both about 
individuals and about lists, and identify key features that the directoory 
must support to manage lists in a flexible manner. X.500 is the industry 
standard for modeling information about individuals in a directory , and 

LDAP is the proposed standard for accessing directory information. We 
have designed and built a system to represent and manage lists in the X.500 
information model, and developed efficiently evaluable extensions to the 

LDAP query language for the location and expansion of lists. We describe 
the system architecture and the query evaluation algorithm of this system. 
Our system is deployed for use in the specification and expansion of 
(organizational and personal) electronic messaging (e-mail, voice mail and 
FAX) distribution lists at AT&T Labs. (21 Refs) 
Subfile: C 

Descriptors: authorisation; database management systems; electronic 
messaging; list processing; query processing 

Identifiers: customer lists; electronic distribution lists; access 
control lists ; explicit enumeration; recursive expansion; directory; 
LDAP query language; system architecture; directory information; X.500 
information model; query evaluation algorithm; electronic messaging; e-mail 
; voice mail; FAX; distribution lists 

Class Codes: C6160Z (Other DBMS); C6130S (Data security); C6155 ( 
Computer communications software) 

Copyright 2000, lEE 



24/5/8 (Item 2 from file: 2) 

DIALOG (R) File 2 : INSPEC 
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6447134 INSPEC Abstract Number: B2000-02-6120D-017 , C2000-02-6130S-017 
Title: X.500 and LDAP security: a comparative overview 

Author(s): Hassler, V. 

Author Affiliation: Tech. Univ. Wien, Austria 
Journal: IEEE Network vol.13, no. 6 p. 54-64 
Publisher: IEEE, 

Publication Date: Nov. -Dec. 1999 Country of Publication: USA 

CODEN: lENEET ISSN: 0890-8044 

SICI: 08 90-804 4 (199911/12) 13 : 6L . 54 : LSCO; 1-P 

Material Identity Number: J991-1999-007 

U.S. Copyright Clearance Center Code: 0890-804 4 /99/$10 . 00 
Language: English Document Type: Journal Paper (JP) 



Treatment: Applications f Practical (P) 

Abstract: We give a comparative overview of the X.500 and LDAPv3 
Directory security features. X.500 is a commonly used name for a series of 
joint ISO/IEC and ITU-T standards specifying a distributed directory 
service. It assumes the existence of an underlying OSI protocol stack. 
LDAP is an Internet alternative to the X.500 Directory Access 
Protocol (X.511 DAP). Since its first version LDAP has undergone 
significant changes , and many of them concern security. It was originally 
planned to use LDAP only to access the X.500 directory via an LDAP 
gateway. In the meantime, LDAP functionality was extended, which enables 
LDAPv3 to be used for both the server model and the client read and 
update access protocol. (22 Refs) 
Subfile: B C 

Descriptors: access protocols; Internet; ISO standards; message 
authentication; network servers; open systems; telecommunication security; 
telecommunication standards 

Identifiers: X.500 security; LDAP security; LDAPv3 Directory security; 
ITU-T standards; ISO/IEC standards; distributed directory service; OSI 
protocol stack; Internet; X.500 Directory Access Protocol; X.511 DAP; LDAP 
gateway; server model; update access protocol; access control model; X.500 
access protocol; authentication parameters 

Class Codes: B6120D (Cryptography); B6150M (Protocols); B6210L (Computer 
communications); C6130S (Data security); C5640 (Protocols); C5620W (Other 
computer networks); C7210N (Information networks) 

Copyright 1999, lEE 
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5195691 INSPEC Abstract Number: C9604-6150N-028 
Title : More control , fewer headaches 
Author(s): Salamone, S. 

Journal: BYTE vol.21, no . 1 p. 159-60 
Publisher: McGraw-Hill, 

Publication Date: Jan. 1996 Country of Publication: USA 

CODEN: BYTEDJ ISSN: 0360-5280 

SICI: 0360-5280 (199601) 21: IL. 159: MCFH;1-P 

Material Identity Number: B183-95012 

Language; English Document Type: Journal Paper (JP) 
Treatment: Practical (P) 

Abstract: You can cut LAN support costs and hassles with integrated 
configuration management tools. Such tools are sold by companies such as 
Novell, McAfee Associates, amd Computer Knacks. Typically, these packages 
allow a manager to edit WIN. INI files, script commands, and limit a user's 
desktop choices (for example, by removing the DOS-prompt option or by 
making "Open" under the File menu nonfunctional) . The desire for 
configuration management is not limited to Intel-based PCs running Windows. 
Configuration management tools are becoming more tightly integrated with 
either the network operating system or with systems management tools. For 
example, rather than just linking an icon on a user's screen to an 
application on a specific server, a configuration management program might 
link the execution of an application with a software metering program. In 
that way, when all the licenses for a particular application are used up, 
the icon associated with that application would no longer be displayed on a 
user's screen. Or, you might connect levels of access (e.g., read -only 
vs. write) with an organizational structure previously defined in a Novell 
Bindery or network directory service. So when a new sales associate is 
added to the network, for example, that person would automatically be able 
to look up customer account information, while a newly added sales manager 
would automatically be given the privilege to make chcinges in customer 
files. (0 Refs) 

Subfile: C 

Descriptors: configuration management; network operating systems; 
supervisory programs 

Identifiers: configuration management; LAN support cost; integrated 
software tool; supervisory program; systems software; network operating 



system 

Class Codes: C6150N (Distributed systems software); C6150J (Operating 

systems); C6115 (Programming support); C5620L (Local area networks) 
Copyright 1996, lEE 
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4847738 INSPEC Abstract Number: C9502-54 40-021 
Title: Cache coherence in a multiport memory environment 

Author (s): Crawford, S.E.; DeMara, R.F. 

Author Affiliation: Dept. of Electr. & Comput . Eng., Central Florida 
Univ., Orlando, FL, USA 
p. 632-42 

Publisher: IEEE Comput. Soc. Press, Los Alamitos, CA, USA 
Publication Date: 1994 Country of Publication: USA xiv+655 pp. 
ISBN: 0 8186 6322 7 

U.S. Copyright Clearance Center Code: 0 8186 6322 7/94/$04.00 

Conference Title: Proceedings of the First International Conference on 

Massively Parallel Computing Systems (MPCS) The Challenges of 

General-Purpose and Special-Purpose Computing 

Conference Date: 2-6 May 1994 Conference Location: Ischia, Italy 
Language: English Document Type: Conference Paper (PA) 
Treatment: Practical (P) 

Abstract: The effects of various cache coherence strategies are analyzed 
for a multiported shared memory multiprocessor. Analytical models for 
concurrent read exclusive write access (CREW) and concurrent read 

concurrent write access (CRCW) are developed including 

shared-not-cacheable, snooping bus, snooping bus with cache-to-cache 
transfers, and directory protocols. The performance of each protocol is 
shown as the hit rate, main memory-to-cache memory cycle time ratio, 
fraction of shared data, read percentage, and number of partitions are 
varied. Overall, results indicate that a snooping bus with cache-to-cache 
transfer scheme provides consistently fast access times over a wide range 
of execution parameters. However, nearly equivalent performance can be 
obtained with simpler directory based schemes. The implications of these 
results on increasing port complexity and memory usage are discussed. (20 

Refs) 
Subfile: C 

Descriptors: cache storage; memory protocols; shared memory systems 
Identifiers: cache coherence; multiport memory environment; multiported 
shared memory multiprocessor; analytical models; concurrent read exclusive 
write access; concurrent read concurrent write access; CREW; CRCW; 
shared-not-cacheable; snooping bus; cache-to-cache transfers; directory 
protocols; main memory-to-cache memory cycle time ratio; access times; 
execution parameters; directory based schemes; port complexity; memory 
usage 

Class Codes: C5440 (Multiprocessing systems); C5220P (Parallel 
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Title: Access control for a modular, extensible storage service 

Author(s): Bacon, J./ Hayton, R. ; Sai Lai Lo; Moody, K. 
Author Affiliation: Comput. Lab., Cambridge Univ., UK 
p. 108-14 

Publisher: IEEE Comput. Soc. Press, Los Alamitos, CA, USA 
Publication Date: 1994 Country of Publication: USA viii+187 pp. 
ISBN: 0 8186 5835 5 

U.S. Copyright Clearance Center Code: 0 8186 5835 5/94/$03.00 

Conference Title: Proceedings of IEEE Workshop on Services for 



Distributed and Networked alWironnients 

Conference Sponsor: IEEE Comput . Soc. Tech. Committee on Distributed 
Process.; Czech Inst. Technol . (CVUT) 

Conference Date: 27-28 June 1994 Conference Location: Prague, Czech 
Republic 

Language: English Document Type: Conference Paper (PA) 
Treatment: Practical (P) 

Abstract: We have designed and built a modular and extensible multi 
service storage architecture (MSSA) which allows evolution from, and 
compatibility with, traditional applications. The MSSA comprises a 
two-level hierarchy of storage servers with value-adding service layers 
above them. We present the access control mechanism of the MSSA. Access 

control lists (ACLs) are used to allow fine grained expression of 

policy together with capabilities for efficient runtime access after a 
once-off ACL check. Our capabilities are principal-specific and transient 
and their design ensures that access to objects is via the correct service 
hierarchy; for example, a directory object may only be manipulated via a 

directory service. The implementation of this protection is stateless at 
the servers above the storage service. The scheme also provides a 
convenient means to delegate rights for an object, temporarily, to an 
unprivileged server, for example a print-server. The fact that our 
capabilities are short-lived alleviates the requirement for selective 
revocation and crash recovery. We report on experiences with a prototype 
implementation of the scheme and suggest some optimisations. (13 Refs) 
Subfile: C 

Descriptors: access control; file servers; memory architecture; 
multimedia systems; storage management 

Identifiers: modular extensible storage service; extensible multi service 
storage architecture; two-level hierarchy; storage servers; value-adding 
service layers; access control mechanism; MSSA; access control lists; fine 
grained expression; runtime access; once-off ACL check; principal-specific; 
service hierarchy; unprivileged server; print-server; selective revocation; 
crash recovery; prototype implementation 

Class Codes: C6120 (File organisation); C6160S (Spatial and pictorial 
databases); C7250 (Information storage and retrieval); C5690 (Other data 
communication equipment and techniques) 



24/5/12 (Item 6 from file: 2) 

DIALOG (R) File * 2:INSPEC 

(c) 2002 Institution of Electrical Engineers. All rts. reserv. 

4739111 INSPEC Abstract Number: C94 10-6130S-008 / 
Title: Extensible access control for a hierarchy of servers 

Author(s): Bacon, J.; Hayton, R.; Sai Lai Lo; Moody, K. 
Author Affiliation: Comput. Lab., Cambridge Univ., UK 
Journal: Operating Systems Review vol.28, no. 3 p. 4-15 
Publication Date: July 1994 Country of Publication: USA 
CODEN: 0SRED8 ISSN: 0163-5980 

Language; English Document Type: Journal Paper (JP) 
Treatment: Practical (P) 

Abstract: We discuss the protection requirements of a distributed storage 
service comprising a two-level hierarchy of storage servers with 
value-adding service layers above them. A flexible and extensible access 
control mechanism is required. Our scheme uses Access Control Lists 
(ACLs) to allow fine grained expression of policy together with 
capabilities for efficient runtime access after a once-off ACL check. Our 
capabilities are principal-specific and transient and their design ensures 
that access to objects is via the correct service hierarchy; for example, a 
directory object may only be manipulated via a directory service. The 
implementation of this protection is stateless at the servers above the 
storage service. The scheme also provides a convenient means to delegate 
rights for an object, temporarily, to an unprivileged server, for example a 
print-server. The fact that our capabilities are short-lived alleviates the 
requirement for selective revocation and crash recovery. (12 Refs) 
Subfile; C 

Descriptors: authorisation; file servers; memory architecture; storage 
management 



Identifiers: extensible ij^ess control; hierarchy of serv^^? protection 
requirements; distributed storage service; storage servers; value-adding 
service layers; fine grained expression; directory object 

CI ass Codes: C6130S (Data security) ; C5310 (Storage system design) ; 
C6120 (File organisation) 



24/5/13 (Item 7 from file: 2) 

DIALOG (R) File 2 : INSPEC 

(c) 2002 Institution of Electrical Engineers. All rts. reserv. 

04292429 INSPEC Abstract Number: C9301-6150N-018 
Title: Distributed system and security management with centralized control 

Author{s): Chii-Ren Tsai; Gligor, V.D. 

Conference Title: Proceedings of the Spring 1992 EurOpen/USENIX Workshop 
p. 137-46 

Publisher: EurOpen, Buntingford, UK 

Publication Date: 1992 Country of Publication: UK vi+146 pp. 
Conference Date: 6-9 April 1992 Conference Location: Jersey, UK 
Language: English Document Type: Conference Paper (PA) 
Treatment: Practical (P); Experimental (X) 

Abstract: The authors have designed and implemented a prototype of 
distributed system and security management for AIX Version 3 on the RISC 
System/6000 by using an experimental secure remote procedure call (RPC) 
mechanism based on network computing system (NCS) . The prototype consists 
of distributed SMIT (system management interface tool) , distributed audit 
and access control list ( ACL ) management for AIX systems. 

Distributed SMIT can manage user accounts, file systems, devices, networks, 
spoolers and system configuration. Distributed system security management, 
which includes distributed audit and distributed ACL management, allows 
the distributed system security administrator to turn on/off auditing, 
perform audit system management, analyze audit trails and set ACLs on a 
per-file, per- director or per-application basis. Based on the 
experimental secure RPC mechanism and Motif widgets on the X window system, 
the authors designed and implemented a high-level, protocol-transparent, 
integrated interface for the prototype of distributed system and security 
management. (13 Refs) 

Subfile: C 

Descriptors: distributed processing; protocols; remote procedure calls; 
security of data 

Identifiers: distributed system management; security management; 
centralized control; AIX Version 3; RISC System/6000; remote procedure call 
; network computing system; distributed SMIT; system management interface 
tool; distributed audit; access control list; user accounts; file systems; 
spoolers; audit system management; audit trails; Motif widgets; X window 
system 

Class Codes: C6150N (Distributed systems); C6130S (Data security) 



24/5/14 (Item 8 from file: 2) 

DIALOG ( R) File 2 : INSPEC 

(c) 2002 Institution of Electrical Engineers. All rts. reserv. 

04285187 INSPEC Abstract Number: B9301-6150M-001, C9301-5640-003 
Title: Implementation of Open Systems Interaction. IX. The Directory 

Author(s): Senda, S. 

Journal: Joho Shori vol.33, no. 7 p. 828-37 
Publication Date: 1992 Country of Publication: Japan 
CODEN: J0SHA4 ISSN: 0447-8053 

Language: Japanese Document Type: Journal Paper (JP) 
Treatment: Practical (P) 

Abstract: Discusses CCITT and ISO standards; message handling systems; 
directory information trees; distinguished names; attribute types and 
values; relative distinguished names; alias entries; the READ , LIST, 
SEARCH and COMPARE commands; adding, removing or modifying entries; 
abandoning the procedure; directory user agents and directory system 
agents; directory access protocol and directory system protocol; 
referral, chaining and multicasting; the remote operations service; 



replication; access contros^ schema; and enhanced searchin^^^( 0 Refs) 
Subfile: B C 

Descriptors: electronic messaging; open systems; protocols; standards 
Identifiers: attribute values; Open Systems Interaction; CCITT; ISO; 

standards; message handling systems; directory information trees; 

distinguished names; attribute types; alias entries; directory user agents; 

directory system agents; directory access protocol; directory system 

protocol; referral; chaining; multicasting; remote operations service; 

replication; access control; schema; enhanced searching 
Class Codes: B6150M (Protocols); C5640 (Protocols) 



24/5/15 (Item 9 from file: 2) 

DIALOG (R) File 2 : INSPEC 

(c) 2002 Institution of Electrical Engineers. All rts. reserv. 

04060631 INSPEC Abstract Number: 89202-6210-141, C9202-7250-056 
Title : EAN archive server 
Author(s) : Wick, D.A. 

Author Affiliation: Dept. of Comput . , Camosun College, Victoria, EC, 
Canada 

Conference Title: Message Handling Systems and Application Layer 
Communication Protocols. Proceedings of the IFIP WG6.5 International 
Symposium p. 233-8 

Editor (s): Schicker, P.; Stefferud, E. 

Publisher: North-Holland, Amsterdam, Netherlands 

Publication Date: 1991 Country of Publication: Netherlands xi+554 pp. 
ISBN: 0 444 88916 7 
Conference Sponsor: IFIP 

Conference Date: 3-5 Oct. 1990 Conference Location: Zurich, 
Switzerland 

Language: English Document Type: Conference Paper (PA) 
Treatment: Practical (P) 

Abstract: A file archive has been derived which utilizes the CCITT X.400 
reliable transfer system as a store-and-f orward file transfer system for 
the transfer of both archive commands and of files. This removes 
restrictions of existing connection oriented archive systems which require 
a real-time network connection for the duration of the command and file 
transfer process and of non-X.400 based systems. The EAN archive server, 
EAS, provides access to all user and management functions via normal 
interpersonal messages. The user is provided with a complete set of 
directory and file manipulation commands, including an access control 
list protection scheme. Management functions allow for complete archive 
management from a remote node, also via inter-personal messages, (4 Refs) 
Subfile: B C 

Descriptors: electronic messaging; information retrieval systems 
Identifiers: directory commands; electronic messaging; EAN archive server 

; file archive; CCITT X.400 reliable transfer system; store-and-forward 

file transfer; EAS; interpersonal messages; file manipulation commands; 

access control list protection; archive management 

Class Codes: B6210 (Telecommunication applications); C7250 (Information 

storage and retrieval) 



24/5/16 (Item 10 from file: 2) 

DIALOG (R) File 2: INSPEC 

(c) 2002 Institution of Electrical Engineers. All rts. reserv. 

03280995 INSPEC Abstract Number: C89008224 
Title: Shared editing with WPS-PLUS 
Author (s): Rosen, I.; Einerson, F. 

Author Affiliation: Texas Univ., Galveston, TX, USA 
Journal: DEC Professional vol.7, no. 9 p. 78-80 
Publication Date: Sept. 1988 Country of Publication: USA 
CODEN: DECPDJ ISSN: 0744-9216 

Language: English Document Type: Journal Paper (JP) 
Treatment: Practical (P) 

Abstract: Sometimes it's useful for two or more non-privileged users to 



share the editing of a l^Pbment. Unfortunately, WPS-PLUS^Bssn ' t provide 
support for shared editing. To address this problem, the abhors set up a 
system for transferring WPS-PLUS work files among naive, non-privileged 
users. The system uses two DCL command procedures, a short FORTRAN program, 
and a special disk directory , DISK/sup S/ER: (TRANSFER) , which has world 
read and write access to act as a transfer point among users, A 

command procedure copies the work file into the transfer directory , the 
recipient reads the work file from the transfer directory into his own 
document work file using WPS-PLUS, and then another command procedure 
clears the transfer directory . (0 Refs) 
Subfile: C 

Descriptors: DEC computers; FORTRAN listings; job control language 
listings; text editing; word processing 

Identifiers: nonprivileged users; work file transfer; WPS-PLUS; shared 
editing; DCL command procedures; FORTRAN program; disk directory; world 
read and write access 

Class Codes: C6130D (Word processing techniques) 



24/5/17 (Item 11 from file: 2) 

DIALOG (R) File 2 : INSPEC 

(c) 2002 Institution of Electrical Engineers. All rts. reserv. 

03067235 INSPEC Abstract Number: C88013872 
Title: DVSS: a distributed version storage server for CAD applications 

Author (s): Ecklund, D.J.; Ecklund, E.F., Jr.; Eifrig, R.O.; Tonge, F.M. 
Author Affiliation: Comput . Res. Labs., Tektronix Inc., Beaverton, OR, 
USA 

Conference Title: Proceedings of the Thirteenth International Conference 
on Very Large Data Bases: 1987 13th VLDB p. 443-54 
Editor (s): Stocker, P.M.; Kent, W.; Hammersley, P. 
Publisher: Morgan Kaufmann, Los Altos, CA, USA 

Publication Date: 1987 Country of Publication: USA xii+518 pp. 
Conference Sponsor: Alvey; ICL; RTI; et al 

Conference Date: 1-4 Sept. 1987 Conference Location: Brighton, UK 
Language: English Document Type: Conference Paper (PA) 
Treatment: Practical (P) 

Abstract: The distributed version storage server (DVSS) provides an 
underlying storage mechanism for a CAD-oriented data model. DVSS supports 
such project management features as version histories, alternate data 
versions, and multi-reader multi- writer access control in a 

heterogeneous network of workstations and fileservers. Each design object 
is managed as a rooted directory acyclic graph (DAG) of versions. At any 
time, one path in a object's DAG is designated as its principle path; the 
current version in the principal path is the current version of the object. 
Other paths contain alternate versions of the object. Updates to any 
version path must be serializable, but derivation of alternate versions is 
not subject to this constraint. Clients interact with DVSS using the 
checkout/checkin paradigm. Each object has a primary site, which 
synchronizes actions on the object. Group operations requiring multiple 
locks follow a deadlock avoidance scheme. DVSS is robust in that it 
supports multi-reader and multi- writer data access in the presence of 
failures. Traditional data replication supports continued read access . 
Write - write conflicts resulting from continued write access during 
network partition are resolved at recovery time by creation of alternate 
versions. The cost of resolution is minimized by employing a unilaterally 
computable algorithm at each site. (22 Refs) 

Subfile; C 

Descriptors: CAD; distributed databases; system recovery 
Identifiers: UNIX; VAX; DVSS; distributed version storage server; CAD 
applications; storage mechanism; data model; project management; version 
histories; alternate data versions; multi-reader multi-writer access 
control; heterogeneous network; workstations; fileservers; checkout/checkin 
; multiple locks; deadlock avoidance scheme; data replication; continued 
read access; recovery time 

Class Codes: C6160B (Distributed DBMS); C7400 (Engineering) 



24/5/18 (Item 12 from^Ile: 2) 

DIALOG { R) File 2 : INSPEC 
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02559742 INSPEC Abstract Number: C86004277 
Title: NFS brings common specs to computing 

Author(s): Hime, J. 

Author Affiliation: Sun Microsyst. Inc., Mountain View, CA, USA 
Journal: Systems & Software vol.4, no. 7 p. 105-7 
Publication Date: July 1985 Country of Publication: USA 
CODEN: SYSOES ISSN: 0745-0850 

Language: English Document Type: Journal Paper (JP) 
Treatment: Practical (P); Product Review (R) 

Abstract: The Network File System (NFS) from Sun Microsystems, allows a 
variety of machines and operating systems to play the role of client or 
server. NFS offers the flexibility of transparent network-wide read and 
write file and directory access , independent of processor, 
operating-system, or network genre. The author looks at the NFS 
architecture and its benefits. (0 Refs) 
Subfile: C 

Descriptors: computer networks; file organisation; time-sharing systems 
Identifiers: server-client relationship; Network File System; Sun 

Microsystems; operating systems; transparent network-wide read and write 

file; NFS architecture 

Class Codes: C5620 (Computer networks and techniques); C6120 (File 

organisation) 



24/5/19 (Item 13 from file: 2) 

DIALOG (R) File 2 : INSPEC 
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02338431 INSPEC Abstract Number: C84050617 
Title: Access control lists in capability environments 

Author (s): Lopriore, L. 

Author Affiliation: Istituto di Elaborazione dell * Inf ormazione, Consiglio 
Nazionale delle Ricerche, Pisa, Italy 

Journal: Technique et Science Inf ormatiques 
Country of Publication: France 
CODEN: TTSIDJ ISSN: 0752-4072 

Translated in; Technology and Science of Informatics vol.3, no. 3 p. 
163-74 

Publication Date: 1984 Country of Publication: UK 
CODEN: TTSIEK ISSN: 0264-7419 

Language: English Document Type: Journal Paper (JP) 
Treatment: Theoretical (T) 

Abstract: Control requirements for access to shared objects in computer 
systems have led machine architects to propose various mechanisms, among 
which the best-known are virtual memory and capability addressing. 
Implementation of control of access to an object, using capabilities, means 
working with concepts such as a group of objects or a protection domain, 
and involves bringing all the capabilities of the objects in the domain 
together in a capability list and, finally, obliging access to the domain 
to pass through that list. It is therefore a method of protection in which 
access control operates at the level of the requesting subject rather than 
at that of the object requested. At the opposite end of the scale, in file 
management, the aim is to preserve objects independently of the requester 
and therefore to apply control at the level of the requested file, using a 
list of authorised users. The author starts by comparing these two control 
methods, after which he tackles the question of implementing access 
control lists within a specific architecture built on capabilities. 

Having discussed that architecture, he studies file protection against 
accidental access. This requires that every user have a series of access 
rights to files. This method is based on the implementation of three 
elements: file management, list management and a directory , all of them 
associated with capability lists for the objects appropriate to them. The 
file management system handles files without access control. The list 
management system handles both management and control of access rights. The 



directory operates as^PTn interface between users and^^les. The main 
problem is to guarantee that the director identifies users unambiguously. 
The solution proposed uses pseudo-capabilities or capabilities containing a 
reference to a capability in a list of capabilities; these 
pseudo-capabilities allow the propagation of the right to designate a 
protected object without propagating access rights. (36 Refs) 
Subfile: C 

Descriptors: computer architecture; file organisation; security of data 
Identifiers: access control lists; capability-based architecture; shared 
objects; computer systems; capability addressing; protection; file 
management; accidental access; list management; directory; 
pseudo-capabilities 

Class Codes: C5220 (Computer architecture); C6120 (File organisation) 



24/5/20 (Item 14 from file: 2) 

DIALOG (R) File 2 : INSPEC 
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01185028 INSPEC Abstract Number: C78012080 
Title: The CAP filing system 
Author (s): Needham, R.M.; Birrell, A.D. 

Author Affiliation: Computer Lab., Univ. of Cambridge, Cambridge, UK 
Journal: Operating Systems Review vol.11, no. 5, spec, issue. p. 
11-16 

Publication Date: Nov. 1977 Country of Publication: USA 
CODEN: 0SRED8 ISSN: 0163-5980 

Conference Title: Proceedings of the Sixth Symposium on Operating Systems 
Principles 

Conference Date: 16-18 Nov. 1977 Conference Location: West Lafayette, 
IN, USA 

Language: English Document Type: Conference Paper (PA); Journal Paper 
(JP) 

Treatment: Practical (P) 

Abstract: The filing system for the CAP is based on the idea of 
preservation of capabilities if a program has been able to obtain some 
capability then it has an absolute right to preserve it for subsequent use. 
The pursuit of this principle, using capability-oriented mechanisms in 
preference to access control . lists , has led to a filing system in 

which a preserved capability may be retrieved from different directories 
to achieve different access statuses, in which the significance of a text 
name depends on the directory to which it is presented, and in which 
filing system 'privilege' is expressed by possession of directory 
capabilities. (3 Refs) 
Subfile: C 

Descriptors: file organisation; operating systems (computers) 
Identifiers: CAP; filing system; capabilities; directories; access 
Class Codes: C6120 (File organisation); C6150J (Operating systems) 
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00525368 99PK02-317 

Aventail paves the extranet way — ExtraNet Center makes network 
management simpler but doesn't quite live up to its name 

Chowdhry, Pankaj 

PC Week , February 22, 1999 , vl6 n8 pl03, 1 Page(s) 

ISSN: 0740-1604 

Company Name: Aventail 

URL: http: //www . aventail . com 

Product Name: ExtraNet Center 

Languages : English 

Document Type: Software Review 

Grade (of Product Reviewed) : B 

Geographic Location: United States 

Presents a favorable review of Extranet Center ($7,995), an extranet 



policy manager and virtl^^ private network (VPN) from A^Hbail Corp. of 
Seattle, WA (877). Explains that it is designed to manage^^ers' movement 
from an untrusted network into a trusted network environment. Cites 
features such as user interface, scriptability, solid access control 

lists , high resolution user authentication, secure firewall traversal, 
support of Novell Directory Service (NDS), and Remote Authentication 
Dial-In User Service. However, lacks Lightweight Directory Access 

Protocol ( LDAP ) support and support for service-level management. 
Concludes that it is a good choice for easing system administrators' job of 
network management. Received the highest rating of A for manageability, B 
for interoperability, usability and capability, and C for performance. 
Includes one screen display, one photo, two sidebars, and one scorecard. 
(MEM) 

Descriptors: Extranets; Virtual Private Network; Network Management; 
User 

Identifiers: ExtraNet Center; Aventail 



24/5/22 (Item 2 from file: 233) 

DIALOG (R) File 233: Internet & Personal Comp. Abs. 
(c) 2002 Info. Today Inc. All rts. reserv. 

00516532 98IW12-013 

Oracle Application Server 4 . 0 

InfoWorld , December 7, 1998 , v20 n49 pll2, 1 Page(s) 
ISSN: 0199-6649 
Company Name: Oracle 

Product Name: Oracle Application Server 

Languages : English 

Document Type: Software Review 

Grade (of Product Reviewed) : B 

Geographic Location: United States 

Presents a favorable review of Oracle Application Server 4.0 ($NA) from 
Oracle Corp. of Redwood Shores, CA (800). Runs on Solaris 2.x and Windows 
NT. Component development model support are CORBA/IIOP and EJB. Security 
and directory support are authentication, ACL , SSL, IP restriction, 
domain restriction and LDAP . Database connectivity support is ' 'Oracle 
database access via OCI in PL/SQL, C, ODBC, JDBC, JSQL and X/A' ' . Notes 
that features include: services and cartridges can be distributed across 
multiple servers; process isolation to prevent failed process from crashing 
other processes; dynamic load balancing; failure autodetection and 
autorecovery; and automatically starts and shuts down threads based on 
server loads. Praises its robust management tools and well-implemented 
security methods, (cmr) 

Descriptors: Networks; Server; Network Management; Interoperability; 
Load Balancing 

Identifiers: Oracle Application Server; Oracle 



24/5/23 (Item 3 from file: 233) 

DIALOG (R) File 233: Internet & Personal Comp. Abs. 
(c) 2002 Info. Today Inc. All rts. reserv. 

00516530 98IW12-011 

Microsoft Transaction Server 2.0/Internet Information Server 4.0 

InfoWorld , December 7, 1998 , v20 n49 pllO-111, 2 Page(s) 
ISSN: 0199-6649 
Company Name: Microsoft 

Product Name: Microsoft Transaction Server 2.0 

Languages: English 

Document Type: Software Review 

Grade (of Product Reviewed) : B 

Geographic Location: United States 

Presents a favorable review of Microsoft Transaction Server 2.0 (MTS) 
($NA), bundled with Microsoft Internet Information Server 4.0 (IIS), both 
from Microsoft Corp. of Redmond, WA (425). Runs on Windows NT 4.0. Notes it 
supports any COM component DLL, regardless of the programming languages or 
tools used in the development of that DLL. Explains that this gives 



developers the f lexibilit^Ro work with their preferred de^^opment tools. 
States its Security and directory support are ''authentication, ACL , 
Secure Sockets Layer and x.509 certificate'' and database connectivity 
support is ODBC. Features include cluster automatic fail-over, threads, 
objects, database connections pooling, just-in-time server-based objects 
activation and deactivation, and process isolation. Advises weighing its 
benefits because of its Microsoft-centric technology. Recommends it to 
those who are staying in an NT environment, (cmr) 

Descriptors: Web Tools; Networks; Network Management; Application 
Development ; Server 

Identifiers: Microsoft Transaction Server 2.0; Microsoft 



24/5/24 (Item 4 from file: 233) 

DIALOG (R) File 233: Internet & Personal Comp. Abs . 
(c) 2002 Info. Today Inc. All rts. reserv. 

00516193 98NC12-110 

Dynamic content tools — Allaire ColdFusion Studio 4 

Nance, Barry 

Network Computing , December 15, 1998 , v9 n23 pl06-108, 2 Page(s) 

ISSN: 1046-4468 

Company Name: Allaire 

URL: http: //www. allaire . com 

Product Name: ColdFusion Studio 4 

Languages: English 

Document Type: Software Review 

Grade (of Product Reviewed) : C 

Geographic Location: United States 

Presents a mixed review of ColdFusion Studio 4 ($395) from Allaire Corp. 
(800) . Advises that it requires ColdFusion server. Notes that it excels in 
storefront Web page development and run-time management. Notes that it 
offers both native and OLE support for database connectivity, and the 
ability to balance workloads or shift to another computer if the primary 
computer fails. Likes its CFML (ColdFusion Markup Language) that handles 
most storefront chores, and its easy to learn tag-based scripting language. 
Points out that its security options which rely on both LDAP server 
authentication and access control lists , are the best of the products 
in the roundup. Appreciates its sandbox feature, which enables users to 
confine their testing to a separate server prior to the release of updated 
storefronts, and its interactive Web page debugger. (CAT) 

Descriptors: Electronic Commerce; Web Tools; Scripting; Server; 
Debugging; Web Sites 

Identifiers: ColdFusion Studio 4; Allaire 



24/5/25 (Item 5 from file: 233) 

DIALOG (R) File 233: Internet & Personal Comp. Abs. 
(c) 2002 Info. Today Inc. All rts. reserv. 

00513343 98NC11-001 

The state of messaging; promises, promises! — Seamless integration with 
legacy applications. Scalability to the largest enterprise. Scores of 
value-added features . Enterprise . . . 

Backman, Dan 

Network Computing , November 1, 1998 , v9 n20 p50-66, 10 Page(s) 
ISSN: 1046-4468 
Languages: English 

Document Type: Articles, News & Columns 
Geographic Location: United States 

Reports on the changes in the messaging industry as it moves from its 
dependence on host-based SNADS and PROFS and LAN-based cc:Mail and 
Microsoft Mail, toward messaging that is Internet ready and SMTP, P0P3, 
and IMAP4 compliant. Describes the message delivery options of such 
products as Novell GroupWise, Lotus Notes and Lotus Domino, Netscape 
SuiteSpot, and Microsoft Exchange, and introduces new messaging 
technologies entitled Unified Inbox and Instant/Real-Time Messaging. 
Discusses directory services and mentions networks* ability to support 



multiple directories frd^^each network operating syst^^pnd messaging 
vendor. Considers the impact of LDAP and LIPS (Ligh^^ight Internet 
Person Schema) on and the need for a reliable Internet gateway for 
corporate me systems. Addresses other considerations, such as how best to 
support mobile users and secure the confidentiality of all message traffic. 
Includes six sidebars, two charts, and one photo. (CAT) 

Descriptors: Messaging; Internet; Standards; Security; Privacy; 
Mobile Computing 



24/5/26 (Item 6 from file: 233) 

DIALOG (R) File 233: Internet & Personal Comp. Abs . 
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00495777 98PI05-042 
Netscape Messenger 

Plain, Stephen W 

PC Magazine , May 5, 1998 , vl7 n9 pl51, 1 Page(s) 
ISSN: 0888-8507 

Company Name: Netscape Communications 
URL; http://www.netscape.com 
Product Name: Netscape Messenger 
Languages : English 
Document Type: Software Reviews 
Grade (of Product Reviewed) : B 

Hardware/Software Compatibility: IBM PC Compatible; Microsoft Windows; 
Microsoft Windows 95 

Geographic Location: United States 

Presents a favorable review of Netscape Messenger 4,0 (free with 
Netscape Communicator, Standard Edition ), an electronic mail client 
program from Netscape Communications Corp. of Mountain View, CA (800, 650). 
Runs on IBM PC compatibles with Windows, Explains that Netscape Messenger 
is a full-featured program designed mainly for business users. Says it 
offers an integrated news reader and supports all the major Internet 
standards. Indicates that Messenger provides excellent support for HTML, as 
well as support for a broad range of encoding standards. Features include 
an intuitive and powerful IMAP implementation, tight integration with 
Netscape Navigator, and the ability to perform complex LDAP searches 
using fields such as city and street address, and operators like ''Name 
contains,'' However, notes it has weak support for multiple users and 
accounts, and limited filtering tools. Includes one screen display. 

Descriptors: Electronic Mail; Data Communication; Internet; Filtering 
; HTML 

Identifiers: Netscape Messenger; Netscape Communications 



24/5/27 (Item 7 from file: 233) 
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Push tool keeps intranet orderly 

Senna, Jeff 

InfoWorld , January 12, 1998 , v20 n2 p58A-58D, 2 Page(s) 

ISSN: 0199-6649 

Company Name: DataChannel 

URL: http://www.datachannel.com 

Product Name: ChannelManager 1,0 

Languages : English 

Document Type: Software Review 

Grade (of Product Reviewed) : B 

Hardware/Software Compatibility: IBM PC Compatible; Microsoft Windows 
NT; 32-bit Web Browser 

Geographic Location: United States 

Provides a favorable review of ChannelManager 1.0 ($19,500 for 100 user 
minimum; added users $195 per seat), an intranet organization program from 
DataChannel Inc. of Bellevue, WA (425), Requires an IBM PC compatible with 
Microsoft Windows NT Server 4.0, and the client must have a 32-bit 



Java-enabled Web Browser .^Sports that this solution orgar^^s a corporate 
intranet through a database-driven navigation system. States that it may be 
just the right solution for medium to large enterprises to better organize 
a corporate intranet and make a range of information more easily 
accessible. Says that there is a well-designed and intuitive Java-based 
client. Notes that it is costly and requires read - write access to Web 
server directories via the network operating system. Adds that it is off 
to a good start with this version, and is definitely worth considering. 
Rated four on a five point scale. Includes one screen display, (bjp) 

Descriptors: Intranets; Push Technology; Enterprise Computing; 
Windows 

Identifiers: ChannelManager 1.0; DataChannel 



24/5/28 (Item 8 from file: 233) 

DIALOG (R) File 233: Internet & Personal Comp. Abs. 
(c) 2002 Info. Today Inc. All rts. reserv. 

00468143 97PI08-016 

Not just browsing — Netscape's Communicator 4.0 brings together e-mail, 
groupware, and browsing 

Finnie, Scot 

PC Magazine , August 1, 1997 , vl6 nl4 p45-54, 6 Page(s) 
ISSN: 0888-8507 

Company Name: Netscape Communications 
Product Name: Netscape Communicator 
Languages: English 
Document Type: Software Review 
Grade (of Product Reviewed) : B 

Hardware/Software Compatibility: IBM PC Compatible; Microsoft Windows; 
Microsoft Windows 95; Microsoft Windows NT 
Geographic Location: United States 

Presents a favorable review of Netscape Communicator 4.0 ($60 for 
shareware, $80 for Professional Edition ) , an Internet suite from Netscape 
Communications, Mountain View, CA (415) . The program requires 8MB RAM, 18MB 
hard disk space {for Base install version), and Windows 3.1x, 95, or NT 4,0 
(it runs on 17 platforms) . All the components of the suite have been 
improved. Navigator now supports Dynamic HTML and has animated 3D buttons 
which are intuitive. Messenger and Collabra (the e-mail and newsreader 
portions) support Lightweight Directory Access Protocol ( LDAP ) and 
Internet Message Access Protocol Version 4 (IMAP4) . Composer, the WYSIWYG 
Web page builder is now as easy to use as a word processor. A sidebar 
describes Netcaster, a multimedia content deliverer not ready for the 
final release of Communicator. Another sidebar comments on Internet 
Explorer 4.0. Includes one illustration, one table, and nine screen 
displays, (djd) 

Descriptors: Internet; Shareware; Integrated Software; HTML 
Identifiers: Netscape Communicator; Netscape Communications 



24/5/29 (Item 9 from file: 233) 

DIALOG (R) File 233: Internet & Personal Comp. Abs. 
(c) 2002 Info. Today Inc. All rts. reserv. 

00459522 97PQ05-203 

Netscape Mail Server 2 . 02 

Boyle, Padraic 

PC Magazine-Network Edition , May 27, 1997 , vl6 nlO pNE8, NE12, 2 
Page (s) 

ISSN: 0888-8507 

Company Name: Netscape Communications 
Product Name: Netscape Mail Server 
Languages: English 
Document Type: Software Review 
Grade (of Product Reviewed) : C 

Hardware/Software Compatibility: IBM PC Compatible 
Geographic Location: United States 

Presents a mixed review of Netscape Mail Server 2.02 ($7,295 for 1,000 



users), an IMAP4 mail ser^^^rfrom Netscape Communications C^p. of Mountain 
View, CA (415) . The program does not include a client but works 
satisfactorily with the six IMAP clients used in testing, except for the 
Simeon client which could not separate attachments from text and headers. 
Says that it is functional, but the next release. Messaging Server 3.0, 
will add support for the Lightweight Directory . Access Protocol ( 
LDAP ), SMTP, SNMP, and SSL. The reviewed release adds LDAP through an 
add -on. Notes that it does not have any administration or configuration 
wizards and since the program does not have its own IMAP4 client, users 
must use the mail reader in Netscape Navigator or a third-party mail 
client. Navigator currently only supports P0P3 but both IMAP4 and POPS will 
be included in Messenger, a client in Netscape Communicator suite. Includes 
one screen display, (djd) 

Descriptors: Electronic Mail; Testing; Server; Software Review; 
Standards 

Identifiers: Netscape Mail Server; Netscape Communications 



24/5/30 (Item 10 from file: 233) 

DIALOG (R) File 233: Internet & Personal Comp. Abs . 
(c) 2002 Info. Today Inc. All rts. reserv. 

00451050 97BY02-012 

NT Security — Seven practical recommendations for securing 
Internet -connected Windows NT systems 

Udell, Jon 

BYTE , February 1, 1997 , v22 n2 pll7-120, 4 Page(s) 
ISSN: 0360-5280 
Languages : English 

Document Type: Articles, News & Columns 
Geographic Location: United States 

Discusses seven practical recommendations for securing 

Internet-connected Windows NT systems. Recommends the following; use NT 
File System (NTFS) volumes that can apply laccessO - Icontrol listsO 
files and directories ; use NT's User Manager to set an account-lockout 
policy and rename the administrative account; NT's event-auditing system to 
check if you have been broken into; disable NetBIOS-over-TCP/IP; block 
nonessential inbound TCP/IP ports; revoke the ''Access from Network'' 
privilege; and do not away unnecessary information. Concludes that these 
simple defenses require some effort and suggests that Microsoft provide an 
option for an NT installer to omit all unnecessary network services, 
protocols, and bindings, revoke all network-based rights and permissions, 
and audit itself aggressively. Contains two screen displays and two 
sidebars, (smg) 

Descriptors: Security; Internet; Network Management; Auditing 



24/5/31 (Item 11 from file: 233) 

DIALOG (R) File 233: Internet & Personal Comp. Abs. 
(c) 2002 Info. Today Inc. All rts. reserv. 

00438721 96PM10-035 
Office Hours 
Yakal, Kathy 

PC/Computing , October 1, 1996 , v9 nlO p214, 1 Page(s) 

ISSN: 0899-1847 

Company Name: TEAMaker 

Product Name: Office Hours for Windows 

Languages: English 

Document Type: Software Review 

Grade (of Product Reviewed) : B 

Hardware/Software Compatibility: IBM PC Compatible; Microsoft Windows 
Geographic Location: United States 

Presents a favorable review of Office Hours for Windows ($150 for 50 
users), a workgroup management program from TEAMaker Corp. (503). The 
program includes four mini apps : an Electronic In/Out Board, an Employee 
Browser, a Time-card program, and a Company Events Calendar. It is easy to 
configure by entering employee names, phone numbers, departments, job 



titles, and current loca^Bn status. Its functions can be^^^ily accessed 

through a floating taskOT^. The program is installel^P:! a drive and 
directory that offer read and write access . Workgroup members can 
check coworkers' whereabouts or job status or update their own status. This 
is a good program, but it relies on the users to conscientiously upgrade 
their status and keep their time cards current. If they will, it's a 
winner, particularly at its price. Includes one screen display, (djd) 
Descriptors: Groupware; Software Review; Window Software 
Identifiers: Office Hours for Windows; TEAMaker 



24/5/32 (Item 12 from file: 233) 

DIALOG (R) File 233: Internet & Personal Comp. Abs. 
(c) 2002 Info. Today Inc. All rts. reserv. 

00432271 96WW08-018 

LDAP spec poised to ease directoiry woes 

Korzeniowski, Paul 

WebWeek , August 5, 1996 , v2 nil p37, 39, 2 Page(s) 
ISSN: 1081-3071 

Product Name: Lightweight Directory Access Protocol 
Languages: English 

Document Type: Feature Articles and News 
Geographic Location: United States 

States that vendors seem to be ready to simplify directory service 
maintenance by adopting a standard aimed at building large, complex 
intranet applications. Reports that Netscape Communications Corp. has 
selected the Lightweight Directory Access Protocol, or LDAP , as the 
foundation for its directory services server, and 44 suppliers plan to add 
LDAP compliance to their products. Explains that directories store lists 
with the names and addresses of every end user and computer resource, and 
applications check directories to ensure that users have the proper 
credentials before access to any resource is granted. Notes that an 
integrated directory must be able to keep a central list of all users and 
resources and to enable companies to scatter smaller directories throughout 
a network. Says that LDAP could replace proprietary directories but lacks 
security features, (jo) 

Descriptors: Directories; Networks; Standards 

Identifiers: Lightweight Directory Access Protocol 



24/5/33 (Item 13 from file: 233) 

DIALOG (R) File 233: Internet & Personal Comp. Abs. 
(c) 2002 Info. Today Inc. All rts. reserv. 

00418310 96DC03-101 

Web servers do what ' s best for the group — Netscape * s Suitespot lets 
companies run groupware apps on internal Web networks 

Bruno, Lee 

Data Communications , March 21, 1996 , v25 n4 p29-30, 2 Page(s) 
ISSN: 0363-6399 

Company Name: Netscape Communications 

Product Name: Suitespot 

Languages : English 

Document Type: Software Review 

Grade (of Product Reviewed) : B 

Hardware/Software Compatibility: IBM PC Compatible; Unix workstation 
Geographic Location: United States 

Presents a favorable review of Suitespot ($3,995), an integrated Web 
server software package from Netscape Communications Corp. of Mountain 
View, CA (415) . Says using the components of the package together furnishes 
the best features of groupware, including compatibility with relational 
databases as well as industrial-strength security. Adds that it provides 
integrated databases, full-text searching and cataloging, read / write 

access control to individual files or directories , and the ability to 
change authentication policies on the fly. However, says it lack workflow 
engines, and it does not provide for replicating data across a WAN. 
Includes a diagram and a summary card, (dpm) 



Descriptors: Server; ^P^tware Review; Web Sites; Ned^^k Management; 
Web Management; Intranets 

Identifiers: Suitespot; Netscape Communications 



24/5/34 (Item 14 from file: 233) 

DIALOG (R) File 233: Internet & Personal Comp. Abs . 
(c) 2002 Info. Today Inc. All rts. reserv. 

00397223 95IF09-001 

Securing Windows NT: the operating system contains controls, if you know 
how to use them 

Hansel, Robert S 

Info Security News , September 1, 1995 , v6 n5 p26-30, 5 Page(s) 

ISSN: 1051-2500 

Company Name: Microsoft 

Product Name: Microsoft Windows NT 

Languages: English 

Document Type: Feature Articles and News 
Geographic Location: United States 

Discusses the security options built into Windows NT. Says NT provides 
an array of customizable options and configurations that include the 
combination of isolated address spaces and privileged-mode processing that 
protects the operating system and other processes from a rogue user 
process. Outlines logon control, group rights and user accounts, access 
authority and control, auditing, administration, and domains and trust. 
Adds that d and file protection is achieved through access control 

lists ( ACL which are maintained through the directory and file 
attributes although it can only provide directory and file protection on 
NTF partitions. Contains the sidebar ''Virus Issues in NT's Future ' ' (p28) 
by David J. Stang. Includes a photo and a table, (dpm) 

Descriptors: Security; Operating Systems; 32-Bit Code; Window 
Software; Virus 

Identifiers: Microsoft Windows NT; Microsoft 



24/5/35 (Item 15 from file: 233) 

DIALOG (R) File 233: Internet & Personal Comp. Abs. 
(c) 2002 Info. Today Inc. All rts. reserv. 

00292351 92LA10-321 

Who Says You Can't Get Free E-mail For Your Network? — Netware 
Shareware 

Duncan, Thom 

LAN Times , October 26, 1992 , v9 n20 p91-92, 2 Page(s) 

ISSN: 1040-5917 

Product Name: Pmail 

Languages: English 

Document Type: Software Review 

Grade (of Product Reviewed) : a 

Hardware/Software Compatibility: DOS 

Geographic Location: United States 

Presents a very favorable review of Pmail, a NetWare freeware DOS- 
resident mail utility accessible from file PM232.EXE of library 16 from the 
NOVLIB directory of the CompuServe service. Says that Pmail, which is 
stored in a directory accessible to users of NetWare and non-NetWare 
networks, enables users to create and send mail messages as well a attach 
other documents to messages; it also enables users to edit messages 
offline, search for Novell users and create distribution lists as well as 
keyboard macros. Says also that Pmail includes a context-sensitive help 
system and a GUIDE.EXE file containing a complete manual which can be read 
through a topical front end. Includes a screen. (PAM) 

Descriptors: Public-Domain Software; Electronic Mail; Networks; 
Software Review; Consumer Information 
Identifiers: Pmail 
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13785935 PASCAL No.: 98-0499895 

Septic arthritis of the knee following anterior cruciate ligament 
reconstruction : Results of a survey of Sports Medicine Fellowship 
directors 

MATAVA M J; EVANS T A; WRIGHT R W; SHIVELY R A 

Section of Sports Medicine, Department of Orthopaedic Surgery, Washington 
University, St. Louis, Missouri, United States; Department of Allied 
Health, Slippery Rock University, Slippery Rock, Pennsylvania, United 
States 

Journal: Arthroscopy, 1998, 14 (7) 717-725 
ISSN: 0749-8063 CODEN: ARTHE3 Availability: INIST-20604; 
354000070382690080 

No. of Refs. : 41 ref . 

Document Type: P (Serial) ; A (Analytic) 
Country of Publication: United States 
Language: English 

To determine the incidence of joint sepsis following anterior cruciate 
ligament ( ACL ) reconstruction and the prevailing attitudes toward its 
treatment. we surveyed the directors of Sports Medicine Fellowship 
programs about their practices in treating and preventing this 
complication. Of the 74 surgeons surveyed. 61 (82%) responded. These 61 
surgeons performed an average of 98 ACL reconstructions yearly; 31 (51%) 
routinely used a drain after ACL surgery. 18 (30%) had treated an ACL 
infection within the past 2 years, and 26 (43%) had treated an infection 
within the past 5 years. There was no significant difference in the number 
of infections and the surgeons case load, graft choice, or method of 
reconstruction. Fifty-two surgeons (85%) selected culture-specific 
intravenous (IV) antibiotics and surgical irrigation of the joint with 
graft retention as initial treatment for the infected patellar tendon 
autograft, and 39 (64%) chose this regimen to treat the infected allograft. 
For the resistant infection unresponsive to initial treatment. IV 
antibiotics with surgical irrigation and graft retention were also selected 
as the most common treatment combination for 25 (39%) of the 61 
respondents. After graft removal, the earliest a revision procedure would 
be considered was 6 to 9 months. The results of this survey confirm the 
widely held belief that septic arthritis of the knee is a relatively rare 
complication following ACL reconstruction. Once an infection is 
encountered, culture-specific IV antibiotics and surgical joint irrigation 
with graft retention are recommended as initial treatment. Graft excision 
and hardware removal is considered only for those infections resistant to 
initial treatment and for the infected allograft. 

English Descriptors: Anatomical reconstruction; Anterior cruciate ligament; 
Complication; Arthritis; Knee; Infection; Postoperative; Sports medicine; 
Evaluation; Epidemiology; Incidence; Prevalence; Questionnaire; Human; 
Treatment; Lower limb 

Broad Descriptors: Orthopedic surgery; Diseases of the osteoarticular 

system; Arthropathy; Knee disease; Bacteriosis; Public health; Chirurgie 
orthopedique; Systeme osteoarticulaire pathologie; Arthropathie; Genou 
pathologie; Bacteriose; Sante publique; Cirugia ortopedica; Sistema 
osteoarticular patologia; Artropatia; Rodilla patologia; Bacteriosis; 
Salud publica 

French Descriptors: Reconstruction anatomique; Ligament croise anterieur; 
Complication; Arthrite; Genou; Infection; Postoperatoire; Medecine sport; 
Evaluation; Epidemiologie; Incidence; Prevalence; Questionnaire; Homme; 
Traitement; Membre inferieur 
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